a52ea3675c
Co-Authored-By: edef <edef@edef.eu> Co-Authored-by: Ryan Lahfa <raito@lix.systems> Change-Id: Ica1cda177a236814de900f50a8a61d288f58f519
76 lines
1.8 KiB
Nix
76 lines
1.8 KiB
Nix
{ lib, config, ... }:
|
|
let
|
|
cfg = config.infra.hardware.raito-vm;
|
|
inherit (lib) mkEnableOption mkIf mkOption types;
|
|
in
|
|
{
|
|
options.infra.hardware.raito-vm = {
|
|
enable = mkEnableOption "Raito's VM hardware defaults";
|
|
|
|
networking = {
|
|
nat64.enable = mkEnableOption "the setup of NAT64 rules to the local NAT64 node";
|
|
|
|
wan = {
|
|
address = mkOption {
|
|
type = types.str;
|
|
description = "IPv6 prefix for WAN. Ask Raito when in doubt.";
|
|
};
|
|
mac = mkOption {
|
|
type = types.str;
|
|
description = "MAC address for the WAN interface.";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
services.qemuGuest.enable = true;
|
|
systemd.network.enable = true;
|
|
networking.useDHCP = lib.mkDefault false;
|
|
|
|
systemd.network.networks."10-wan" = {
|
|
matchConfig.Name = "wan";
|
|
linkConfig.RequiredForOnline = true;
|
|
networkConfig.Address = [ cfg.networking.wan.address ];
|
|
|
|
routes = mkIf cfg.networking.nat64.enable [
|
|
{
|
|
Destination = "64:ff9b::/96";
|
|
Gateway = "2001:bc8:38ee:100::100";
|
|
Scope = "site";
|
|
}
|
|
];
|
|
|
|
# Enable DNS64 resolvers from Google, I'm too lazy.
|
|
dns = mkIf cfg.networking.nat64.enable [ "2001:4860:4860::6464" "2001:4860:4860::64" ];
|
|
};
|
|
|
|
systemd.network.links."10-wan" = {
|
|
matchConfig.MACAddress = cfg.networking.wan.mac;
|
|
linkConfig.Name = "wan";
|
|
};
|
|
|
|
boot.loader.systemd-boot.enable = true;
|
|
|
|
boot.initrd.kernelModules = [
|
|
"virtio_balloon"
|
|
"virtio_console"
|
|
"virtio_rng"
|
|
];
|
|
|
|
boot.initrd.availableKernelModules = [
|
|
"9p"
|
|
"9pnet_virtio"
|
|
"ata_piix"
|
|
"nvme"
|
|
"sr_mod"
|
|
"uhci_hcd"
|
|
"virtio_blk"
|
|
"virtio_mmio"
|
|
"virtio_net"
|
|
"virtio_pci"
|
|
"virtio_scsi"
|
|
"xhci_pci"
|
|
];
|
|
};
|
|
}
|